"The major wireless carriers have sold millions of Android smartphones to consumers," the petition states. "The vast majority of these devices rarely receive software security updates. A significant number of consumers are using smartphones running a version of the Android operating system with known, exploitable security vulnerabilities for which fixes have been published by Google, but have not been distributed to consumers' smartphones by the wireless carriers and their handset manufacturer partners. Android smartphones that do not receive regular, prompt security updates are defective and unreasonably dangerous."

Critics maintain Google has failed to sufficiently police its Google Play digital storefront, making it easy for attackers to distribute malware via Android applications. Google has made strides to reduce Android threats, however: In early 2012, it unveiled Bouncer, which scans Google Play for malicious apps, and its Android 4.2 OS update, a.k.a. Jelly Bean, bakes in application verification tools.

"Sprint follows industry-standard best practices designed to protect its customers," a carrier spokesperson told CNet. Verizon, AT&T and T-Mobile have not yet responded to requests for comment.

The ACLU is a nationwide nonprofit dedicated to upholding principles of free speech, privacy and equality. The organization's petition follows days after an NQ Mobile report stating that malware attacks on Android devices more than doubled in 2012. Fifty-three percent of U.S. Android owners have installed a mobile security app on their device, NQ Mobile adds.

Comments

Join 55,000+ Insiders

SIGN UP FOR OUR NEWSLETTER

FierceMobileIT provides tools, tips and case studies on how to deploy the latest wireless technologies in the enterprise. Join 55,000+ CIOs and senior IT managers who subscribe to our free daily email briefing. Sign up today!